Professional Documents
Culture Documents
WEDGE-100BF-32X
Work Package: 6
Introduc on 5
Conclusion 27
References 27
Glossary 27
Annexes 28
SDE 9.3.0 Caveat 28
SDE 9.2.0 Caveat 30
SDE 9.1.0 Caveat 30
run_switchd -p <my-program.p4> is stuck 30
Cannot access BIOS is order to enable Ethernet port 31
ONL compila on with ixgbe ethernet driver as loadable module 31
Execu ve Summary
This document objec ve is to describe P4 switch WEDGE-100BF-32X in the context of WP6-T1/RARE
project in 3 perspec ves :
1 Introduc on
WP6-T1/RARE team is currently deploying a European testbed that has the par cularity to
encompass P4 equipment. For now there is only one model of P4 hardware being rolled out which is
the EDGECORE WEDGE-100-BF-32X that is powered by the TOFINO Network Processor Unit.
The partners involved in this testbed deployment are GÉANT, Jisc, KIFU, RENATER,
SWITCH,UMU/REDIRIS.
The RARE team needs this testbed in order to test all the features set being developed by the project
in the frame of the GN4-3 Work Package 6 Task 1.
This document is the RARE-WEDGE-100BF-32X installa on guide following the 3 perspec ves listed
above.
Note that this procedure also applies to WEDGE-100BF-64X that has twice the number of ports.
However, it does not have the two on-board Ethernet ports. Therefore the CPU port is only available
via PCIe through the use of INTEL bf_kpkt port.
2 RARE-WEDGE Master template installa on
2.1 Unboxing
2.1.1 Parcels
Each of one of them has their own out of band management ports.
At this stage, you can connect the WEDGE to your LAN via the management ethernet and you’ll get
access to the MAIN CPU running ONIE.
BMC and MAIN CPU are sharing an internal hub and have respec vely ip address 192.168.0.1
and 192.168.0.2 therefore you can bounce to MAIN CPU from BMC via sol.sh script but it also means
that you cannot assign 192.168.0.0/24. Addi onally, ONIE boot loader has a default password less
root account. Therefore it is recommended to connect the switch in a protected environment.
2.2.2 OpenBMC configura on via serial console port
The OpenBMC is accessible via the console port. You’ll have to use a roll-over cable for that purpose.
Console se ngs:
user: root
password: 0penBmc
OpenBMC is installed in nvram. This means that all modifica ons are not persistent a er a
reboot.
When the device is powered on for the first me, the serial console (se ngs 9600/8N1) provides
access to the OpenBMC prompt. The default creden als are username root with password
0penBmc. A er logging in, execute the following command at the BMC prompt
This will reset the host CPU and connect the user to the console of the system (not to be confused
with the console of the BMC). As a result, the user will be presented with the ONIE prompt
ONIE:~ #
As specified, the MAIN CPU ini ally has only ONIE boot loader installed. By default, ONIE is
configured to spawn (extensively) boot requests in order to retrieve its firmware. It is therefore
recommended to stop this auto-discovery process by issuing:
onie-stop
ONIE installa on process has now stopped. We will resume this auto-discovery process once
ONIE ONL image recommended by INTEL is built.
2.3 ONIE firmware factory reset
In order to have a coherent deployment process, it is recommended to perform a ONIE firmware
factory reset. As you recall ONIE by default is accessible via a password less root account. This
means that for any reasons if the switch has been exposed to an unprotected environment the ONIE
boot loader could have been compromised.
The following sec on describes ONIE firmware update. The sec on below is available for
convenience, avoiding us from switching between various documents.
Convert the ISO into a bootable image and load it onto a USB device.
On MACOS:
Find the par on on which your USB drive is mounted. In this example, /dev/disk2 corresponds
to the USB device. Use the disku l list command as shown here:
disk5
1: 0xEF 213.0 KB disk5s1
sudo dd \
if=./onie-recovery-x86_64-accton-wedge100bf_32x-r0.img.dmg \
of=/dev/disk5 bs=1m
● Connect to BMC
● Insert USB into the USB port on the WEDGE front panel
● At the the BMC prompt enter the MAIN CPU and type:
● During the reboot process from the MAIN CPU, press eth <ESC? or <DEL> key to enter the
Ap o Setup U lity. In the Boot menu, set Boot mode select to LEGACY and set Boot Op on
#1 to USB Device.
● Press f4 to save and exit
● When you reach the ONIE boot screen under GRUB select ONIE EMBED MODE, which installs
ONIE
● When the ONIE installa on is done, remove the USB
● When the ONIE prompt appears (user:root no password) type:
onie-stop
● verify that the ONIE installa on was successful by checking the ONIE log file:
tail /var/log/onie.log
It is MANDATORY to use the version recommended by INTEL. You can grab this informa on from
the SDE release notes downloaded from INTEL CONNECTIVITY RESEARCH PROGRAM. As we are
installing SDE 9.3.0 we are thus using ONL commit 1537d8334d5fc9364f1ce6a44e26eb247e42f2e6.
Dowload ONL patch from INTEL CONNECTIVITY FORUM resource page (needs private access subject
to NDA).
cd OpenNetworkLinux
git apply onl.patch
# SDE 9.3.0 uses ONL9 which is based on Debian 9
export VERSION=9
# make ONL adopt systemd
echo ‘export INIT=systemd’ >> setup.env
# vi edit ./OpenNetworkLinux/builds/any/rootfs/stretch/standard/standard.yml
# add user p4, [login:p4,password:p4]
make docker
…
<perfect time to grab a coffee>
docker/tools/onlbuilder -9
apt-cacher-ng
source setup.env
make amd64
Obviously ONL compila on is not necessary each me a WEDGE is deployed. Compila on is only
needed if you need to install a INTEL SDE that requires a specific commit.
2.4.3 WEDGE ONL installa on
# DHCP example
host HOST_237 {
hardware ethernet 00:90:fb:65:d6:3c;
fixed-address 193.49.159.237;
option default-url =
"http://194.57.4.109/ONL-HEAD_ONL-OS9_2020-02-18.0846-3127f40_AMD64_INSTALLED_INSTALLER";
}
onie-discovey-start
…
<WEDGE should kickstart ONIE installation using DHCP default_url>
…
<perfect time to grab another coffee>
ONIE discovery process is convenient, however make sure connec vity between the WEDGE
ethernet management port and the HTTP server. Otherwise, the switch would start to spawn (tons
of) spurious requests to the whole Internet using a predefined list of URL. If public IP is used and that
outgoing traffic toward the Internet is possible from the WEDGE management port it is therefore
recommended to install the firmware manually.
user: root
password: onl
Once the MAIN CPU root account is changed it will be applicable also to the console access.
root@localhost:~# uname -r
4.14.151-OpenNetworkLinux
root@localhost:~#
Based on the command output above, Install kernel header package from:
REPO/stretch/packages/binary-amd64/
dpkg -i onl-kernel-4.14-lts-x86-64-all_1.0.0_amd64.deb
● Grab the INTEL latest SDE from INTEL CONNECTIVITY FORUM. As of this document wri ng
the latest SDE is version 9.3.0.
● As we are deploying SDE on the WEDGE we need to also download WEDGE 100BF 32X Board
Support Package (BSP) from INTEL CONNECTIVITY FORUM. We download then BSP 9.3.0 version
corresponding to SDE 9.3.0.
Previous SDE installa on prior to SDE 9.3.0 had a dependencies.tar.gz file. Since SDE 9.3.0 this has to
be installed by reading the instruc ons in Intel® P4 Studio SDE 9.3.0 release ONL patch and install
script zip file.
In this tarball, there is also a nested dependencies.tar.gz tarball containing all the necessary
dependency packages needed by the SDE 9.3.0.
# as root (obviously)
We assume that you install the SDE using root account and you are at /root directory.
export SDE=/opt/bf-sde-9.3.0
export SDE_INSTALL=$SDE/install
export PATH=$SDE_INSTALL/bin:$PATH
source ~/.profile
cd $SDE/p4studio_build/
./p4studio_build.py --skip-dependencies \
--use-profile p416_examples_profile \
--bsp-path /root/bf-reference-bsp-9.3.0
We assume you installed the dependencies using ONL tarball so no need to download and
reinstall dependencies again.
If you had not done it preciously, set SDE installa on environment in ~/.profile
export SDE=/opt/bf-sde-9.3.0
export SDE_INSTALL=$SDE/install
export PATH=$SDE_INSTALL/bin:$PATH
source ~/.profile
Not sure where is it now, but you had the possibility to download useful tools that were essen ally
wrapper around SDE tools: (p4_builb.sh)
By default, as per our experience among 8 WEDGE-BF100-32X, Ethernet CPU ports are not enabled.
In order to enable them you have to reboot the switch from MAIN CPU and get access to the BIOS
and ac vate them from there following this procedure described in the INTEL CONNECTIVITY
FORUM.
keep in mind that is applicable only for WEDGE-100BF-32X, for WEDGE-100BF-65X Ethernet CPU
PORTs are not available.
Once enabled from the BIOS, you should be able to ac vate them from the MAIN CPU access
# P4 PORT 66
ip link set enp4s0f0 mtu 8192
ip link set enp4s0f0 up
# P4 PORT 64
ip link set enp4s0f1 mtu 8192
ip link set enp4s0f1 up
In order to enable Ethernet CPU_PORT you need to first load bf_drv driver
$SDE_INSTALL/bin/bf_kdrv_mod_load $SDE_INSTALL
and for PCIe CPU_PORT you need to first load bf_kpkt driver:
$SDE_INSTALL/bin/bf_kpkt_mod_load $SDE_INSTALL
In ONL 8, the device was called bf_pci0 , in ONL 9, the device has a different name. In our case
it is called either enp6s0, or enp5s0 when Ethernet ports are not ac vated via the BIOS.
bf_kdrv and bf_kpkt are mutually exclusive you cannot load both of them at the same me. If
you plan to use Ethernet CPU_PORT you can just use bf_kdrv, if you plan to use PCIe CPU_PORT you
can use bf_kpkt, this will make “PCIe based” network interface appear. From different pla orm/OS
point of view this interface can be named bf_pci0, enp6s0, enp5s0 or ens1 (on ubuntu
STORDIS BF2556X-1T P4 switch)
As FreeRouter is wri en in JAVA, JRE needs to be installed. JDK is necessary if you need to recompile
FreeRouter from source. Generally, you won’t need to recompile it. Therefore Java Run me
Environment is enough. There are various ways to install JRE:
● manual installa on
● using Opera ng system stock JRE
Manual installa on
Manual installa on is required if you really need a specific version of JAVA environment
recommended by your organiza on or if you aim for an installa on without INTERNET connec on. In
this example we are using JDK 13.0.2, but you can use any JAVA version star ng from JAVA 8.
Download JAVA JDK from JDK home page. In our deployment we use JDK 13.0.2 GA release.
untar the openjdk-13.0.2_linux-x64_bin.tar.gz into /root directory:
export JAVA_HOME=/root/jdk-13.0.2
export PATH=$JAVA_HOME/bin:$PATH
Since 2020 september, RARE is proposing 3 fully dataplanes that are now OpenSource. 2 of them are
P4 dataplane and 1 is based on DPDK, we hope soon to add more dataplane support.
Clone RARE so ware from GÉANT Bitbucket. (eduGain and special authoriza on is not needed any
more ! :-) )
cd /root
git clone https://bitbucket.software.geant.org/scm/rare/rare.git
tree freeRouter
freeRouter
├── bin # binary files
├── etc # configuration files
├── lib # library files
└── log # log files
2.8.2 freeRouter control plane configura on
freeRouter uses 2 configura on files in order to run, these configura on files for one freeRouter
control plane can be in ~/freeRouter/etc.
Basically:
- v1 is the default vrf. The name is arbitrary.
- Telnet access seen from port 23 network namespace is accessible via port 2323 from UNIX host
- Same apply for port 9080 which is freeRouter API messages connec on toward Dataplane
- If you need SSH you’ll need to add tcp2vrf 2002 v1 22
hostname tna-freerouter
buggy
!
!
vrf definition v1
exit
!
interface ethernet0
description freerouter@P4_CPU_PORT[enp6s0]
no shutdown
no log-link-change
exit
!
interface sdn1
description freerouter@sdn1[enp0s3]
mtu 9000
macaddr 0072.3e18.1b6f
vrf forwarding v1
ipv4 address 192.168.0.131 255.255.255.0
ipv6 address 2a01:e0a:159:2850::666 ffff:ffff:ffff:ffff::
ipv6 enable
no shutdown
no log-link-change
exit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
server telnet tel
security protocol telnet
no exec authorization
no login authentication
vrf v1
exit
!
server p4lang p4
export-vrf v1 1
export-port sdn1 0 10
interconnect ethernet0
vrf v1
exit
!
!
end
Explana on:
● Name of the router is:
hostname tna-freerouter
● buggy: Enable hidden command in the CLI. Some of them can be intrusive or induce more
CPU usage. In normal opera on you don’t need it.
buggy
● freeRouter basic telnet access server (no ce that it is inside VRF v1).
!
server telnet tel
security protocol telnet
no exec authorization
no login authentication
vrf v1
exit
!
● freeRouter dataplane secret sauce: p4lang server stanza and sdn<x> interface
!
interface sdn1
description freerouter@sdn1[enp0s3]
mtu 9000
macaddr 0072.3e18.1b6f
vrf forwarding v1
ipv4 address 192.168.0.131 255.255.255.0
ipv6 address 2a01:e0a:159:2850::666 ffff:ffff:ffff:ffff::
ipv6 enable
no shutdown
no log-link-change
exit
!
!
server p4lang p4
export-vrf v1 1
export-port sdn1 132 10
interconnect ethernet0
vrf v1
exit
!
On WEDGEBF10032X, TOFINO have internal interface iden fier tagged with the D_P field.
Se ng up interface on TOFINO is not in the scope of this document. You’ll find the relevant
informa on in the INTEL WEDGE configura on guide.
/root/tools/p4_build.sh \
-I ~/rare/100-WEDGE-100BF-32X/p4src \
-DHAVE_COPP \
-DHAVE_INACL \
-DHAVE_OUTACL \
-DHAVE_MPLS \
-DHAVE_BRIDGE \
~/rare/100-WEDGE-100BF-32X/p4src/bf_router.p4
● RARE with MPLS profile and PCIe CPU PORT: port 192
/root/tools/p4_build.sh \
-I ~/rare/100-WEDGE-100BF-32X/p4src \
-DHAVE_COPP \
-DHAVE_INACL \
-DHAVE_OUTACL \
-DHAVE_MPLS \
-DHAVE_BRIDGE \
-D_WEDGE100BF32X_ \
~/rare/100-WEDGE-100BF-32X/p4src/bf_router.p4
● RARE with SRv6 profile and Ethernet CPU PORT: port 64
/root/tools/p4_build.sh \
-I ~/rare/100-WEDGE-100BF-32X/p4src \
-DHAVE_COPP \
-DHAVE_INACL \
-DHAVE_OUTACL \
-DHAVE_SRV6 \
-DHAVE_BRIDGE \
-DHAVE_NAT \
-DHAVE_PBR
~/rare/100-WEDGE-100BF-32X/p4src/bf_router.p4
● RARE with SRv6 profile and PCIe CPU PORT: port 192
/root/tools/p4_build.sh \
-I ~/rare/100-WEDGE-100BF-32X/p4src \
-DHAVE_COPP \
-DHAVE_INACL \
-DHAVE_OUTACL \
-DHAVE_SRV6 \
-DHAVE_BRIDGE \
-DHAVE_NAT \
-DHAVE_PBR \
-D_WEDGE100BF32X_ \
~/rare/100-WEDGE-100BF-32X/p4src/bf_router.p4
cd $SDE
./run_switchd -p bf_router
You can use the following manual script in order to start FreeRouter: (to be done once a er each
reboot)
You can use freeRouter installa on from Bitbucket RARE repository. In order to get the latest
freeRouter version, use the following script:
cd ~/rare
./update-jar.sh
Depending on the CPU PORT the special file needs to be adjusted in RARE-FreeRTR startup script.
cd ~/rare/100-WEDGE-100BF-32X/0001-vpn-over-bgp-isis-sr-operation
vi bin/setup_core1.sh
# if Ethernet is used
FREERTR_ETH0="enp4s0f1"
#if PCIe is used
FREERTR_ETH0="enp6s0"
cd ~/rare/100-WEDGE-100BF-32X/0001-vpn-over-bgp-isis-sr-operation
# start RARE-FreeRTR
make
# if you want to stop RARE-FreeRTR
make clean
In this case we are launching RARE interface between FreeRouter control plane and TOFINO P4
dataplane. Default profile is MPLS:
cd ~/rare/100-WEDGE-100BF-32X/bfrt_python
./bf_forwarder.py
In “RARE-WEDGE Master template installa on” sec on, we presented a full installa on procedure
that is usually done once. A er the first me installa on all the artefacts needed resul ng from
previous steps don’t not need to be recompiled again.
Finally, the ONIE firmware update described in the previous sec on is only possible on site.
Essen ally, this procedure is the same as the previous sec on. Instead we re-used all the ar facts
above just by copying them onto the same switch.
ONL image is the version recommended by INTEL. Technically each SDE release is associated to
an ONL commit version. If don’t want to rebuild ONL release and that you are willing to use external
image, you can re-use own ONL image required INTEL.
In the previous sec on “Ge ng the right ONL commit”, we should have downloaded ONL
dependencies file from ONL Support Files Download. (There was onl.patch in the tarball)
In this tarball, there is also a nested dependencies.tar.gz tarball containing all the necessary
dependency packages needed by the SDE 9.3.0.
# as root (obviously)
$SDE_INSTALL
Therefore copy install folder resul ng from the previous compila on into the $SDE folder that
you untared in the previous sec on.
$SDE/pkgsrc/p4-build/
$SDE/pkgsrc/p4-examples/tofino
A RARE-SDE tarball has been created. All the artefacts listed above are included in it.
4 Conclusion
This document presented the RARE WEDGE-100BF-32X installa on. It presented 3 ways to stage a
fully func onal switch. While the full installa on master template is useful for Network engineers,
the second method is focused on providing a “unplugged” installa on.
The last method’s objec ve is to provide a “zero touch” deployment procedure of the “unplugged”
installa on.
References
Wedge 100B ONIE Bootloader Download
ONL Support Files Download
WEDGE 100B user guide
OpenNetworkLinux GitHub
Port 64 on Wedge 100BF-32x
Send packet to/from CPU
Glossary
DPP Data Plane Programming
FPGA Field Programmable Gate Array
IX Internet eXchange point
NOS Network Opera ng System
P4 Programming Protocol-Independent Packet Processors - programming language
TCO Total Cost Ownership
5 Annexes
curl / libcurl deb are men oned are security downloads and hence are men oned (up12). The
version from apt (up10) won’t match then. When we downloaded these 2 libraries, the version
downloaded were up13. You’ll have to modify the version download in install.sh helper script
provided by INTEL.
egrep "dpkg -i" ./install.sh | awk -F '[_ ]+' '/dpkg -i / {print $3}' | xargs apt-get
download
wget http://deb.debian.org/debian/pool/main/z/zlib/zlib_1.2.8.dfsg.orig.tar.gz
wget https://mirror.ibcp.fr/pub/apache/thrift/0.13.0/thrift-0.13.0.tar.gz
wget http://deb.debian.org/debian/pool/main/libn/libnl3/libnl3_3.2.27.orig.tar.gz
wget https://dl.bintray.com/boostorg/release/1.67.0/source/boost_1_67_0.tar.gz
wget http://deb.debian.org/debian/pool/main/g/graphviz/graphviz_2.40.1.orig.tar.gz
wget
https://github.com/protocolbuffers/protobuf/releases/download/v3.6.1/protobuf-python-3.6.1.tar
.gz
wget
https://files.pythonhosted.org/packages/9d/0d/197f4a023269b5018054c5c2def0dd33b8dee04cdab6c606
54182d2b0fbb/ctypesgen-1.0.2-py2.py3-none-any.whl
wget
https://files.pythonhosted.org/packages/f9/d3/955738b20d3832dfa3cd3d9b07e29a8162edb480bf988332
f5e6e48ca444/setuptools-44.0.0-py2.py3-none-any.whl
wget
https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/pycrc16/crc16-
0.1.1.tar.gz
wget
https://files.pythonhosted.org/packages/c1/63/47d4bc4e4bfae29e00ff9256b52dfbf945b409804cfadf95
714c113b8efb/jsl-0.2.4.tar.gz
wget
https://files.pythonhosted.org/packages/fb/af/ce7b0fe063ee0142786ee53ad6197979491ce0785567b6d8
be751d2069e8/coverage-4.5.2.tar.gz
wget
https://files.pythonhosted.org/packages/02/24/f73045afb049295b34ac55aaf6ea1592604cda3749632a22
e563e66604a3/Cython-0.29.3.tar.gz
wget
https://files.pythonhosted.org/packages/1f/9e/7b2ff7e965fc654592269f2906ade1c7d705f1bf25b7d469
fa153f7d19eb/futures-3.2.0.tar.gz
wget
https://files.pythonhosted.org/packages/d8/55/221a530d66bf78e72996453d1e2dedef526063546e131d70
bed548d80588/wheel-0.32.3.tar.gz
wget
https://files.pythonhosted.org/packages/dd/bf/4138e7bfb757de47d1f4b6994648ec67a51efe58fa907c1e
11e350cddfca/six-1.12.0.tar.gz
wget
https://files.pythonhosted.org/packages/58/b9/171dbb07e18c6346090a37f03c7e74410a1a56123f847efe
d59af260a298/jsonschema-2.6.0.tar.gz
wget
https://files.pythonhosted.org/packages/e3/24/c35fb1c1c315fc0fffe61ea00d3f88e85469004713dab488
dee4f35b0aff/simplejson-3.16.0.tar.gz
wget https://pypi.python.org/packages/source/T/Tenjin/Tenjin-1.1.1.tar.gz
root@bud-onl:~/bf-sde-9.1.0#
Solu on:
Not sure why, usb0 from the BMC is not ac vated. BMC and MAIN CPU are communica on together
via their respec ve usb0 port. Therefore:
● log into BMC
● Enable usb0 using: ip link set usb0 up
.
In order to access the BIOS in order to ac vate the onboard Ethernet interfaces, you need to connect
via BMC and bounce to the MAIN CPU and reboot from MAIN CPU.
5.3.3 ONL compila on with ixgbe ethernet driver as loadable module
On WEDGE-BF100-32X, there is a possibility to ac vate the 2x10GE on board ethernet built into the
MAIN CPU board. The procedure is described INTEL connec vity forum portal.
These are intel Ethernet ports using ixgbe driver Linux module. However, if you issue an lsmod
command ixgbe driver does not appear in the list. This is because during ONL 9 compila on this
driver is compiled and set to be built in the kernel. (lsmod is lis ng only dynamically loadable
modules)
For unknown reasons, these ethernet ports are going down and a reboot seems to be the only
solu on to reac vate them.
Having the possibility to load/unload the module dynamically can be useful as it can prevents the
WEDGE reboot.
# edit
# ~/OpenNetworkLinux/packages/base/any/kernels/4.14-lts/configs/x86_64-all/x86_64-all.config
…
# Find CONFIG_IXGBE
# set it to “m”
…
CONFIG_IXGBE=m
…